Meeting Trump's 2030 Quantum Deadline Will be Expensive, Complex
Getting accurate visibility into IT and OT systems will be compounded by multivendor environments, misaligned update life cycles, and interoperability gaps.
Operational Technology controls physical processes, so cyber risks can disrupt safety, reliability, and availability across connected industrial systems.
Search across headline titles and summaries.
Background for this topic.
Operational technology (OT) comprises hardware and software that monitor and control physical processes—such as PLCs, RTUs, HMIs, SCADA, and DCS—in manufacturing, utilities, transport, and buildings. Its assets include controllers, sensors, actuators, engineering workstations, and the networks linking them. OT depends on precise timing, reliable communications, and safe states; outages or incorrect commands can stop production or affect physical safety, even when little sensitive data is involved.
Security concerns arise where OT connects to enterprise networks, vendor remote-access paths, or internet-facing services. Legacy protocols and long-lived devices may lack authentication, encryption, logging, or practical patching options. A compromise could alter setpoints, inhibit alarms, or disrupt availability, but impact depends on process design and safeguards. Defenders typically segment control networks, restrict and monitor remote access, maintain asset and dependency inventories, use passive monitoring where active scanning is risky, and test recovery and safe manual operation. Vulnerability management must account for maintenance windows, vendor support, and safety validation rather than treating every patch like IT.
Weekly headline count for the current query.
Getting accurate visibility into IT and OT systems will be compounded by multivendor environments, misaligned update life cycles, and interoperability gaps.
Even the best segmentation strategy will fall apart without constant oversight and disciplined operations.
An unauthenticated attacker can exploit the command injection vulnerability to gain remote access to robotic systems, causing significant disruption to the environment.
What researchers dubbed the most sophisticated AI-integrated ICS campaign to date hit a brick wall in the form of a SCADA login screen.
The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers say.
The Maritime Transportation Security Act (MTSA) requires plans to protect OT systems, audits by independent third parties, and a hybrid OT-security role.
OT asset owners are being asked by regulators to attest to their post-quantum cryptographic readiness without the appropriate tooling, resulting in paperwork dressed up to look like genuine security.
The US government warns programmable logic controllers are being targeted, and research turns up 179 vulnerable operational technology (OT) devices.
Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors.
Operational technology (OT) at industrial and critical infrastructure sites seem to have been benefitting from a lull in ransomware, and hackers' relative ignorance of OT systems.
Forward Edge-AI's new Isidore Quantum is a compact, low-power hardware device designed to defend sensitive operational technology endpoints against future quantum attacks.
ICS/OT experts have devised a scoring system for rating the severity and effects of cybersecurity events in operational technology environments.
Ironically, security by obscurity has helped prevent dangerous OT attacks in recent years. It won't be that way forever.
Using artificial intelligence in operational technology environments could be a bumpy ride full of trust issues and security challenges.
So far the attacks, which compromise virtual network computing (VNC) connections in OT systems, have not been particularly destructive, but this could change as they evolve.
Global cybersecurity agencies published guidance regarding AI deployments in operational technology, a backbone of critical infrastructure.
Despite increased awareness, manufacturers continue to face an onslaught of attacks.
CVE-2025-54603 gave attackers an opening to disrupt critical operational technology (OT) environments and steal data from them.
OT and ICS systems indeed hold the crown jewels of critical infrastructure organizations, but unmonitored data sprawl is proving to be pure gold for increasingly brazen nation-state threat actors like Volt Typhoon, Pearce argues.
Researchers observed exploitation attempts against a vulnerability with a CVSS score of 10 in a popular Erlang-based platform for critical infrastructure and OT development.